CVE-2022-23052

PeteReport Version 0.5 contains a Cross Site Request Forgery CSRF vulnerability allowing an attacker to trick users into deleting users, products, reports and findings on the application...

EUVD-2021-26494

Malware in sbrugna...

EUVD-2024-3250

Malicious code in bioql PyPI...

EUVD-2024-40872

Malicious code in bioql PyPI...

CVE-2024-44112

Due to missing authorization check in SAP for Oil & Gas Transportation and Distribution, an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow them to delete non-sensitive entries in a user data table. There is no effect on confidentiality or...

CVE-2024-51734

Zope AccessControl provides a general security framework for use in Zope. In affected versions anonymous users can delete the user data maintained by an AccessControl.userfolder.UserFolder which may prevent any privileged access. This problem has been fixed in version 7.2. Users are advised to...

Improper Privilege Management

Zope and AccessControl is vulnerable to Improper Privilege Management. The vulnerability is due to anonymous users being able to delete user data in AccessControl.userfolder.UserFolder, potentially preventing privileged access. Users unable to upgrade can mitigate by adding dataroles = to...

CVE-2024-51734 User data deletion by anoynmous users in Zope

Zope AccessControl provides a general security framework for use in Zope. In affected versions anonymous users can delete the user data maintained by an AccessControl.userfolder.UserFolder which may prevent any privileged access. This problem has been fixed in version 7.2. Users are advised to...

CVE-2024-44112

Due to missing authorization check in SAP for Oil & Gas Transportation and Distribution, an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow them to delete non-sensitive entries in a user data table. There is no effect on confidentiality or...

Improper access control

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are present in the same table through...

CVE-2017-0490

An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to delete user data. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either user initiation or user permission. Product: Android...

CVE-2016-5231

Summary: CVE-2016-5231 affects Huawei Mate 8 and related NXT/NXT variants (NXT-AL, NXT-CL, NXT-DL, NXT-TL) prior to certain build revisions. The issue allows an attacker to bypass permission checks and delete user data via a crafted app. The vulnerability is linked to Huawei’s security advisories...